[RPZ] Answering my own RPZ question

Robert Edmonds edmonds at isc.org
Fri Jan 6 18:21:06 UTC 2012

Bill Owens wrote:
> Personally I expect to use a DNSSEC-aware resolver and have my
> individual machines doing their own validation, so I don't anticipate
> getting any use out of RPZ - that's a shame, because it does have
> practical value, but so be it; I think that DNSSEC is the trump card.
> And I'm glad that RPZ is taking the high ground. . .

btw, you might be interested in nss-ubdns:


i use this to do validation on my individual linux machines that have
access to a DNSSEC-aware recursive server.

Robert Edmonds
edmonds at isc.org

More information about the DNSfirewalls mailing list